Page 4 of 45 results (0.013 seconds)

CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service. • https://access.redhat.com/security/cve/CVE-2023-26590 https://bugzilla.redhat.com/show_bug.cgi?id=2212279 • CWE-697: Incorrect Comparison CWE-1077: Floating Point Comparison with Incorrect Operator •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). • https://access.redhat.com/security/cve/CVE-2023-34151 https://bugzilla.redhat.com/show_bug.cgi?id=2210657 https://github.com/ImageMagick/ImageMagick/issues/6341 https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 2

A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. • https://github.com/SudoIndividual/CVE-2023-34152 https://access.redhat.com/security/cve/CVE-2023-34152 https://bugzilla.redhat.com/show_bug.cgi?id=2210659 https://github.com/ImageMagick/ImageMagick/issues/6339 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. • https://access.redhat.com/security/cve/CVE-2023-34153 https://bugzilla.redhat.com/show_bug.cgi?id=2210660 https://github.com/ImageMagick/ImageMagick/issues/6338 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 3

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. • https://github.com/d0rb/CVE-2023-30943 https://github.com/Chocapikk/CVE-2023-30943 https://github.com/RubyCat1337/CVE-2023-30943 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77718 https://bugzilla.redhat.com/show_bug.cgi?id=2188605 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY htt • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •